From a0f7145f9cb41b4cb0934754eaab15b2aac93805 Mon Sep 17 00:00:00 2001
From: Timo Makinen
Date: Mon, 23 Dec 2024 22:04:55 +0000
Subject: [PATCH] Add DNS repo sync to adm hosts
---
 playbooks/adm.yml | 39 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)
diff --git a/playbooks/adm.yml b/playbooks/adm.yml
index 5900555..272dbdf 100644
--- a/playbooks/adm.yml
+++ b/playbooks/adm.yml
@@ -18,7 +18,7 @@
 name: /export
 src: LABEL=/export
 fstype: xfs
- opts: noatime,noexec,nosuid,nodev
+ opts: noatime,nosuid,nodev
 passno: "0"
 dump: "0"
 state: mounted
@@ -73,3 +73,40 @@
 mode: "0600"
 owner: root
 group: "{{ ansible_wheel }}"
+
+ - name: Clone dns repo
+ ansible.builtin.git:
+ dest: /export/dns
+ repo: https://adm01.home.foo.sh/dns.git
+ update: true
+ version: master
+ environment:
+ GIT_SSL_CAINFO: "{{ tls_certs }}/ca.crt"
+ GIT_SSL_CERT: "{{ tls_certs }}/{{ inventory_hostname }}.crt"
+ GIT_SSL_KEY: "{{ tls_private }}/{{ inventory_hostname }}.key"
+ when: 'inventory_hostname != "adm01.home.foo.sh"'
+ - name: Link dns repo
+ ansible.builtin.file:
+ dest: /srv/dns
+ src: /export/dns
+ state: link
+ owner: root
+ group: "{{ ansible_wheel }}"
+ follow: false
+ - name: Add cron job to sync dns repo
+ ansible.builtin.cron:
+ name: sync dns repository
+ job: >-
+ GIT_SSL_CAINFO="{{ tls_certs }}/ca.crt"
+ GIT_SSL_CERT="{{ tls_certs }}/{{ inventory_hostname }}.crt"
+ GIT_SSL_KEY="{{ tls_private }}/{{ inventory_hostname }}.key"
+ git -C /srv/dns pull -q
+ minute: "02"
+ when: 'inventory_hostname != "adm01.home.foo.sh"'
+ - name: Links dns repo to web
+ ansible.builtin.file:
+ dest: "/srv/web/{{ inventory_hostname }}/dns.git"
+ src: /srv/dns/.git
+ state: link
+ owner: root
+ group: "{{ ansible_wheel }}"
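Review bot: Dropping `noexec` from the `/export` mount options in the first hunk relaxes hardening for the whole filesystem, and neither the commit message nor the playbook says why. If the only reason is that something under `/export/dns` must be executed, consider keeping `noexec` and putting the checkout on a filesystem that already allows execution. Otherwise, record the reason next to the option, e.g. `# noexec removed: <reason>`. The mount task starts and ends outside this hunk.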
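Review bot: The last added task, `Links dns repo to web`, has no `when`, so every adm host links its checkout's `.git` directory under `/srv/web/{{ inventory_hostname }}/`, not only adm01, which the clone URL points at. If only adm01 is meant to serve the repository, add `when: 'inventory_hostname == "adm01.home.foo.sh"'`. If mirrors are intended, add a comment saying so and naming the vhost setting that restricts access, since the web server's access control is not visible in this hunk. Separately, the cron job's pull presumably runs as root and would be safer as `git -C /srv/dns pull -q --ff-only`, so a diverged or locally edited checkout fails instead of being merged unattended.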